<?php
// NOTE(review): $_SESSION and $is_admin are read further down but never set in
// this file; presumably bm_header.php starts the session and computes $is_admin.
// Confirm, because the admin-only check below depends on it.
require_once("./bm_header.php");
// NOTE(review): this page renders one account's private profile data.
// $cache_time is presumably consumed by cache_start.php; verify that the cache
// is keyed per session/user (or bypassed here) so a cached copy of one user's
// page can never be served to another visitor.
$cache_time=1;
require_once('./include/cache_start.php');
// Site constants and shared helper functions used by the code below.
require_once("./include/const.inc.php");
require_once("./include/my_func.inc.php");

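// User profile page.
//
// Shows the profile of the logged-in user or, for administrators, of the
// account named in ?user_id=, and handles the "user document" upload form.
// Variables set here ($user, $enter_kind, $name, $email, $longmsg, ...) live in
// the global scope and are presumably read by the template included at the end,
// so their names are kept unchanged.
//
// NOTE(review): the mysql_* extension used below was removed in PHP 7. Moving
// to prepared statements needs the connection set up by the include files,
// which are not visible from this script.

if(isset($_SESSION['user_id']) || isset($_GET['user_id']))
{
	// Work out whose profile is requested.
	//   $enter_kind = 0 : the session user is looking at their own profile
	//   $enter_kind = 1 : another account is requested (administrators only)
	$session_user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
	$requested_user_id = null;
	if(isset($_GET['user_id']))
	{
		// ?user_id[]=x arrives as an array; collapse it to an empty name so it
		// is rejected by is_valid_user_name() instead of reaching string code.
		$requested_user_id = is_string($_GET['user_id']) ? $_GET['user_id'] : '';
	}

	// Strict string comparison: loose != treats numeric-looking strings such as
	// "1e3" and "1000" as equal. A request without a session always counts as
	// "another account", so $enter_kind and $user are defined on every path.
	if($requested_user_id !== null && ($session_user_id === null || (string)$session_user_id !== $requested_user_id))
	{
		$enter_kind = 1;
		$user = $requested_user_id;
	}
	else
	{
		// Reached only when a session user exists (outer condition guarantees it).
		$enter_kind = 0;
		$user = $session_user_id;
	}

	// Authorization: only administrators may view (and upload for) another
	// account. empty() fails closed if $is_admin was never defined.
	if($enter_kind == 1 && empty($is_admin))
	{
		require_once("bm_footer.php");
		echo "<script language='javascript'>\n";
		echo "alert('没有查看其他用户信息的权限!');\n";
		echo "history.go(-1);\n";
		echo "</script>";
		echo "没有查看其他用户信息的权限!";
		exit(0);
	}

	// Reject malformed account names before they are used in any query.
	if (!is_valid_user_name($user))
	{
		echo "没有这个帐号!";
		require_once("bm_footer.php");
		exit(0);
	}

	// Escaped copy of the account name; every SQL statement below uses this one.
	$user_mysql=mysql_real_escape_string($user);
	$sql="SELECT `user_num`, `user_name`,`user_email`,`user_phone`,`user_school`, `user_doc`, `user_order0`, `user_order1`, `user_active0`, `user_active1`  FROM `cr_user` WHERE `user_id`='$user_mysql'";
	$result=mysql_query($sql);
	// A failed query is treated like "no such account" instead of passing
	// false on to mysql_num_rows().
	$row_cnt = ($result === false) ? 0 : mysql_num_rows($result);
	if ($row_cnt==0)
	{
		echo "没有这个账号!";
		require_once("bm_footer.php");
		exit(0);
	}

	// Convert the stored fields for display with the project's SqlToHtml()
	// helper (defined outside this file).
	$row=mysql_fetch_object($result);
	$user_doc = SqlToHtml($row->user_doc);
	$name=SqlToHtml($row->user_name);
	$email=SqlToHtml($row->user_email);
	$phone=SqlToHtml($row->user_phone);
	$school=SqlToHtml($row->user_school);
	$active0=SqlToHtml($row->user_active0);
	$active1=SqlToHtml($row->user_active1);
	$order0=SqlToHtml($row->user_order0);
	$order1=SqlToHtml($row->user_order1);
	// NOTE(review): $user_num becomes part of the upload path below; presumably
	// it is a numeric column. Confirm it can never contain path characters.
	$user_num=$row->user_num;
	mysql_free_result($result);

	// Status text for the upload form; it is HTML, so anything client-supplied
	// appended to it must be escaped first.
	$longmsg = "</br>";
	if(isset($_POST['do']))
	{
		// Presumably validates the anti-CSRF form key (file not visible here).
		require_once("./include/check_post_key.php");

		// Read the upload entry defensively: the field may be missing, or sent
		// as file[] so that every sub-key is an array.
		$upload = (isset($_FILES["file"]) && is_array($_FILES["file"])) ? $_FILES["file"] : array();
		$upload_type = (isset($upload["type"]) && is_string($upload["type"])) ? $upload["type"] : '';
		$upload_name = (isset($upload["name"]) && is_string($upload["name"])) ? $upload["name"] : '';
		$upload_tmp = (isset($upload["tmp_name"]) && is_string($upload["tmp_name"])) ? $upload["tmp_name"] : '';
		$upload_size = (isset($upload["size"]) && is_int($upload["size"])) ? $upload["size"] : 0;
		$upload_error = (isset($upload["error"]) && is_int($upload["error"])) ? $upload["error"] : UPLOAD_ERR_NO_FILE;

		if($upload_size > $USERDOC_SIZE_LIMIT)
		{
			$longmsg.="文档超出限制大小";
		}

		// Restrict upload type and size.
		// The "type" value is sent by the browser and is not verified by PHP,
		// so this check does not prove the content is an archive. What keeps the
		// upload contained is that the stored name is chosen server-side below
		// and the client-supplied file name never reaches the filesystem path.
		// NOTE(review): confirm the upload directory is not executable by the
		// web server and that the download script serves these files as
		// attachments.
		$type_allowed = ($upload_type == "application/octet-stream") || ($upload_type == "application/x-zip-compressed");
		if($type_allowed && $upload_size < $USERDOC_SIZE_LIMIT)
		{
			if($upload_error > 0)
			{
				$longmsg.="Return Code: " . $upload_error . "<br />";
			}
			else
			{
				// The original file name is attacker-controlled text going into
				// HTML: escape it. The type is one of the two literals above.
				$longmsg.="文件名: " . htmlspecialchars($upload_name, ENT_QUOTES) . "<br />";
				$longmsg.="文件格式: " . $upload_type . "<br />";
				$longmsg.="文件大小: " . ($upload_size / 1024) . " KB<br />";

				// Both accepted types are stored as "<user_num>.rar".
				// NOTE(review): the x-zip-compressed case also used "rar" in the
				// original; if ".zip" was intended, the download script has to
				// change together with this line.
				$rar_zip = "rar";
				$_FILES["file"]["name"] = $user_num.".rar";

				// Report success and record the download link only if the file
				// really reached the upload directory.
				if(move_uploaded_file($upload_tmp, $UPLOAD_USERDOC_ROUT . $_FILES["file"]["name"]))
				{
					$longmsg.="文档成功上传";

					// NOTE(review): myMQpro() is defined elsewhere; presumably it
					// makes the value safe for the single-quoted SQL literal
					// below. Confirm before relying on it.
					$user_doc = myMQpro($DOWNLOAD_USERDOC_ROUT."?unum=".$user_num."&rz=".$rar_zip);

					// Use the escaped account name, as the SELECT above does.
					$sql="UPDATE `cr_user` set `user_doc` = '$user_doc' WHERE `user_id`='$user_mysql'";
					mysql_query($sql);// or die(mysql_error());
					//header("location: ./userinfo.php");
				}
				else
				{
					$longmsg.="文档上传失败";
				}
			}
		}
		else
		{
			$longmsg.="文件不符合要求";
		}
	}
	// NOTE(review): $BM_TEMPLATE selects a directory to include; presumably it
	// is a constant from const.inc.php. It must never be request-controlled.
	require_once("template/".$BM_TEMPLATE."/userinfo.php");

}
else
{
	// Neither a session nor a ?user_id= parameter: ask the visitor to log in.
	require_once("bm_footer.php");
	echo "<script language='javascript'>\n";
	echo "alert('您还没有登录，无法查看用户信息，将返回上一个页面');\n";
	echo "history.go(-1);\n";
	echo "</script>";
	exit(0);
}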
?>

<?php 
// Footer for the normal rendering path. Every early-exit branch above includes
// bm_footer.php itself before calling exit(0), so this line is only reached
// after the profile template has been rendered.
require_once("bm_footer.php");

?>
